package com.qianfeng.web;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * 2019/12/9
 * Administrator
 * springboot1207
 * 面向对象面向君  不负代码不负卿
 */
@RestController
public class ShiroController {

    @RequestMapping("/login")
    public String tologin(String uname,String upass){
        //1.封装用户提交的用户名和密码
        UsernamePasswordToken token = new UsernamePasswordToken(uname,upass);
        //2.提交给安全框架
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(token);
        } catch (AuthenticationException e) {
            e.printStackTrace();
            return "loginerror";
        }
        return "loginsuccess";
    }


//测试登录认证是否正确
    @RequestMapping("/testlogin")
    @RequiresRoles("管理员")
    public String testlogin(){
        System.out.println("testlogin被执行");
        return "testloginsuccess";
    }

}
